﻿using System;
using System.Collections.Generic;
using System.Text;
using System.Web;
using System.Web.UI;

namespace Library.SecurityModule
{
    /// <summary>
    /// 用户安全验证
    /// </summary>
    public class  UserModule:System.Web.IHttpModule
    {
        #region IHttpModule 成员

        public void Dispose()
        {
            
        }

        public void Init(HttpApplication context)
        {
           context.AcquireRequestState+=new EventHandler(context_AcquireRequestState);

           context.Error += new EventHandler(context_Error);
       }

        private bool isLogin(string url)
        { 
           string[] arrs=System.Configuration.ConfigurationManager.AppSettings["noLogin"].Split(',');

           foreach (string s in arrs)
           {
               if ( url.EndsWith(s.ToLower()))
               {
                   return false;
               }
           }

           return true;
        }

        void context_AcquireRequestState(object sender, EventArgs e)
        {
            if (!this.isLogin(HttpContext.Current.Request.Url.AbsoluteUri.ToLower()))
            {
                return;
            }

            if (HttpContext.Current.Session != null && HttpContext.Current.Session["MemberID"] == null)
            {
                HttpContext.Current.Response.Redirect("~/login.aspx");
                //string script = "window.top.location.href='login.aspx';";
               // (HttpContext.Current.Handler as Page).ClientScript.RegisterClientScriptBlock(this.GetType(), "@msg", script, true);
                //HttpContext.Current.Response.End();
            }
        }

        void context_Error(object sender, EventArgs e)
        { 
            
        }

        #endregion
    }
}
